﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
namespace HCDV
{
    public class userloginout
    {

        public String[] Login(String loginid, String password)
        {
            String[] CheckLogin;
            SqlConnection myConnection = new SqlConnection(ConfigurationSettings.AppSettings["ConnectionString"]);
            SqlCommand myCommand = new SqlCommand("sysEmpLogin", myConnection);

            myCommand.CommandType = CommandType.StoredProcedure;

            SqlParameter parameterLoginID = new SqlParameter("@loginid", SqlDbType.VarChar, 50);
            parameterLoginID.Value = loginid;
            myCommand.Parameters.Add(parameterLoginID);
            SqlParameter parameterPassword = new SqlParameter("@password", SqlDbType.VarChar, 50);
            parameterPassword.Value = password;
            myCommand.Parameters.Add(parameterPassword);
            SqlParameter parameterEmpID = new SqlParameter("@empid", SqlDbType.Int, 4);
            parameterEmpID.Direction = ParameterDirection.Output;
            myCommand.Parameters.Add(parameterEmpID);

            SqlParameter parameterReason = new SqlParameter("@reason", SqlDbType.VarChar, 50);
            parameterReason.Direction = ParameterDirection.Output;
            myCommand.Parameters.Add(parameterReason);

            myConnection.Open();
            myCommand.ExecuteNonQuery();
            myConnection.Close();

            string LoginID;
            LoginID = parameterEmpID.Value.ToString();
            string Result;
            if (parameterReason.Value.ToString() == "access")
                Result = "成功登录";
            else if (parameterReason.Value.ToString() == "noEmp")
            {
                Result = "用户名错误";
                LoginID = "usererror";
            }
            else if (parameterReason.Value.ToString() == "pError")
            {
                Result = "密码错误";
                LoginID = "pwderror";
            }
            else
            {
                Result = "帐号被禁用";
                LoginID = "noacount";
            }
            CheckLogin = new string[]
				  {
					LoginID,
				  Result
				  };
            return CheckLogin;



        }
        public bool ChangePassword(string empid, string newpassword)
        {
            SqlConnection myConnection = new SqlConnection(ConfigurationSettings.AppSettings["ConnectionString"]);
            SqlCommand myCommand = new SqlCommand("sysEmpChangePassword", myConnection);

            myCommand.CommandType = CommandType.StoredProcedure;

            SqlParameter parameterEmpID = new SqlParameter("@empid", SqlDbType.Int);
            parameterEmpID.Value = Convert.ToInt16(empid);
            myCommand.Parameters.Add(parameterEmpID);

            SqlParameter parameterPassword = new SqlParameter("@password", SqlDbType.VarChar, 50);
            parameterPassword.Value = newpassword;
            myCommand.Parameters.Add(parameterPassword);

            try
            {
                myConnection.Open();
                int result = myCommand.ExecuteNonQuery();
                myConnection.Close();
            }
            catch
            {
                return false;
            }
            return true;
        }
    }
}
